[Ffmpeg-devel] [PATCH/BUGREPORT] crash in vorbis decoder

Baptiste Coudurier baptiste.coudurier
Sun Feb 4 23:56:59 CET 2007


Michael Niedermayer wrote:
> Hi
> 
> On Sun, Feb 04, 2007 at 11:35:20PM +0100, Reimar Döffinger wrote:
>> Hello,
>> On Sun, Feb 04, 2007 at 10:27:40PM +0000, Måns Rullgård wrote:
>>> Michael Niedermayer <michaelni at gmx.at> writes:
>>>> On Sun, Feb 04, 2007 at 11:08:16PM +0100, Reimar Döffinger wrote:
>>>>> http://samples.mplayerhq.hu/A-codecs/vorbis/ffvorbis_crash.ogm
>>>>> crashes a few seconds into the files.
>>>> gdb/valgrind output?
>> [...]
>>> #0  vorbis_residue_decode (vc=0xa2dee0, vr=0xac41b0, ch=2 '\002', 
>>>     do_not_decode=0x7fff0f3f8d70 "", vec=0xab2000, vlen=1024)
>>>     at /home/mru/src/ffmpeg/libavcodec/vorbis.c:1512
>>> 1512                                            vec[voffs     ]+=codebook.codevectors[coffs+l  ];  // FPMATH
>> [...]
>>> r11            0xfffffffc       4294967292
>> This, btw. seems to be the value of the coffs variable. Made me first
>> assume that it's some signedness problem (e.g. because get_vlc2 returns
>> int and not unsigned), but it's just a baseless assumption *g*.
> 
> get_vlc*() returns -1 on error, maybe the code doesn't check this ...
> btw anyone wants to volunteer to maintain vorbis.c ?
> 

Isn't Denes following devel list ? I thought so, last time a bug was
reported he fixed it really quickly.

-- 
Baptiste COUDURIER                              GnuPG Key Id: 0x5C1ABAAA
SMARTJOG S.A.                                    http://www.smartjog.com
Key fingerprint                 8D77134D20CC9220201FC5DB0AC9325C5C1ABAAA
Phone: +33 1 49966312
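
The failure mode suggested in the quoted reply (a VLC reader returning -1 that is used as a codebook index without a check), as an added example that is not part of the original message and is not FFmpeg's code. All names, the table contents and the dimension are constructed; DIM is 4 so that the wrapped offset equals the 0xfffffffc value reported for r11 in the trace.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DIM     4   /* constructed codebook dimension */
#define ENTRIES 2   /* constructed number of codebook entries */

/* Constructed codebook: entry 0 = {0,0,0,0}, entry 1 = {1,2,3,4}. */
static const float codevectors[ENTRIES * DIM] = { 0, 0, 0, 0, 1, 2, 3, 4 };

/* Offset an unchecked decoder would compute from the reader's return value.
 * With entry == -1 (the error return) the product is -4, which becomes
 * 0xfffffffc once it is treated as an unsigned 32-bit index. */
uint32_t unchecked_offset(int entry)
{
    return (uint32_t)(entry * DIM);
}

/* Hardened form: validate the decoded entry and the destination range
 * before touching either array. Returns 0 on success, -1 on bad input. */
int add_codevector(float *vec, size_t vlen, size_t voffs, int entry)
{
    if (entry < 0 || entry >= ENTRIES)        /* error return or corrupt index */
        return -1;
    if (voffs > vlen || vlen - voffs < DIM)   /* write would run past vec[] */
        return -1;

    size_t coffs = (size_t)entry * DIM;
    for (size_t l = 0; l < DIM; l++)
        vec[voffs + l] += codevectors[coffs + l];
    return 0;
}

int main(void)
{
    float vec[8] = { 0 };

    printf("unchecked offset for -1: 0x%08x\n", (unsigned)unchecked_offset(-1));
    printf("valid entry:   %d\n", add_codevector(vec, 8, 4, 1));
    printf("error entry:   %d\n", add_codevector(vec, 8, 0, -1));
    printf("short buffer:  %d\n", add_codevector(vec, 8, 6, 0));
    return 0;
}
```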